diff --git a/playbooks/groups/osbs-cluster.yml b/playbooks/groups/osbs-cluster.yml
index cc56fef205..012ee72e42 100644
--- a/playbooks/groups/osbs-cluster.yml
+++ b/playbooks/groups/osbs-cluster.yml
@@ -466,6 +466,9 @@
     osbs_service_accounts: "{{ osbs_conf_service_accounts }}"
     osbs_registry_uri: "https://{{ docker_registry }}/v2"
     osbs_source_registry_uri: "https://{{ source_registry }}/v2"
+    koji_use_kerberos: True
+    koji_kerberos_keytab: "FILE/etc/krb5.osbs_{{ osbs_url }}.keytab"
+    koji_kerberos_principal: "osbs/{{osbs_url}}@{{ ipa_realm }}"
     when: env == "staging"
 
 - name: setup reactor config secret in orchestrator namespace
diff --git a/roles/osbs-namespace/templates/client-config-secret.conf.j2 b/roles/osbs-namespace/templates/client-config-secret.conf.j2
index 3b6b620eab..910f3b8f98 100644
--- a/roles/osbs-namespace/templates/client-config-secret.conf.j2
+++ b/roles/osbs-namespace/templates/client-config-secret.conf.j2
@@ -26,6 +26,15 @@ koji_hub = {{ osbs_koji_hub }}
 {% if osbs_koji_root %}
 koji_root = {{ osbs_koji_root }}
 {% endif %}
+{% koji_use_kerberos is defined %}
+koji_use_kerberos = {{ koji_use_kerberos }}
+{% endif %}
+{% if koji_kerberos_keytab is defined %}
+koji_kerberos_keytab = {{ koji_kerberos_keytab }}
+{% endif %}
+{% if koji_kerberos_principal is defined %}
+koji_kerberos_principal = {{ koji_kerberos_principal }}
+{% endif %}
 
 # Pulp integration
 {% if osbs_pulp_registry_name %}